CVE-2021-1494 , CVE-2021-1495
Multiple Cisco products are affected by vulnerabilities in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. An attacker could exploit these vulnerabilities by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.